[PoliCTF 2015] [Web 350 – Magic Chall] Write UpMAGIC CHALL
350 Points – SOLVED
I visit this website when I’m sad, contains many magical things that help me to find the solution. Focused on
your problem and find “the magic thing” that will help you to solve it.magic.polictf.it
Continue reading [PoliCTF 2015] [Web 350 – Magic Chall] Write Up
[PoliCTF 2015] Dat was real g00d funPoliCTF is now over!
It was a really good and fun CTF, challenges were well made, and the organization was really good. Just a few live patching on some challs, but I guess it’s always like that 🙂
Thanks to the organizers who gave us this really good CTF!
As this CTF was a way harder than the Hacking Week, we are not so well ranked, only 73 over 328 (1073 registered), but we are the second French team, behind khack40 (and way before zenk-security and hexpresso 😉 ).
We only solved 7 challenges, and we almost had done 3 more, but as we are a bit lame, we didn’t saw obvious things x)
Obviously, crypto is our main lack, with only zero finished challenge, we really need to skill on that part for the next time!
Stay tuned for the write ups, they’re coming soon (as we don’t have a lot to write :))
Web : web100 – web150 – web350
Pwn : pwn50
Grabbag : grabbag50
Reverse : reverse100
Forensics : forensics100
[HackingWeek 2015] [Forensic 2] Write UpThe supplied memory image was captured on a compromised machine, analyze it to answer questions (this is the same image for the four forensic tests, useless to download several times).
One of the machine’s users had several websites about an incident that involved a showbiz personality. The validation key is FirstnameLastname of this personality.
dump.gz (md5sum:1273931ce359f59bce95ce4507e1f4bf)
[HackingWeek 2015] [Forensic 1] Write UpThe supplied memory image was captured on a compromised machine, analyze it to answer questions (this is the same image for the four forensic tests, useless to download several times).
The validation key of the challenge is given by the PID, PPID and the number of threads of the Solitaire program. Put it to the format PID:PPID:nThreads.
dump.gz (md5sum:1273931ce359f59bce95ce4507e1f4bf)
[HackingWeek 2015] [Forensic 4] Write UpThe supplied memory image was captured on a compromised machine, analyze it to answer questions (this is the same image for the four forensic tests, useless to download several times).
When the machine was compromised, the attacker installed a Command & Control software that is currently inactive but must contact a server to receive his orders.
Find the server name and the port on which the malware should connect.
The validation key is servername:portnumber.dump.gz (md5sum:1273931ce359f59bce95ce4507e1f4bf)
